1. Field of the Invention
The present invention relates to a communication apparatus that encrypts a plurality of pieces that constitute a part of distributed data and transmits the encrypted pieces or receives such encrypted pieces; a key server that transmits a decryption key used for decrypting such encrypted pieces; and data related thereto.
2. Description of the Related Art
For example, a distribution method for distributing data by using a Peer to Peer (P2P) network (hereinafter, performing a “P2P distributing process”) does not require a data distribution server having a huge storage capacity and a large communication band and is therefore very cost effective. In addition, a node that receives distribution of data is expected to receive the supply of data from a plurality of nodes. Thus, the node is expected to obtain the data at a high speed while taking advantage of the bandwidth during downloading and uploading processes. As explained here, such a P2P data distribution method has great advantages, but seems to be insecure in view of data security related to, for example, copyright protections. A general premise that is used when we discuss not only P2P distribution methods, but the data security including copyright protections is as follows: There is no possibility that all the terminal devices or all the nodes are hacked. If this premise were denied, the terminal devices would be unable to store therein data that needs to be kept secret or to perform a process that needs to be kept secret, and almost all of the security techniques and inventive approaches to assure security would not work.
An example in which a P2P distributing process is used is a content distribution system in which encrypted data is distributed, and a node that receives the distribution of the data obtains a decryption key used for decrypting the data (hereinafter, “distributed data”). With regard to the P2P distributing process performed in such a system, one of the big problems related to data security is that there are only one or a few combinations each made up of distributed data and a decryption key used for decrypting the distributed data. Let us discuss a situation in which a node has been hacked, and the decryption key has been disclosed. In this situation, it is possible to use the disclosed decryption key for decrypting almost any distributed data. One of the solutions to this problem is to individualize the distributed data for each of the nodes.
An example of a technique used for individualizing distributed data for each of the nodes during a P2P distributing process is a method that was invented by Marking and is disclosed in U.S. Pat. No. 7,165,050. According to this method, the distributed data is divided into pieces, and an encrypting process is performed thereon by using a matrix of keys, so that encrypted pieces are generated. As a result, a piece group that is made up of the encrypted pieces that have been encrypted in the manner of a matrix is generated. The generated piece group is distributed via a P2P network. One of the nodes that are connected to the P2P network obtains, for each of the pieces, one of the plurality of encrypted pieces that have been encrypted in the manner of the matrix. As a result, the combination of encrypted pieces obtained by encrypting the pieces that constitute the distributed data is statistically expected to be unique for each of the nodes.
According to the technique disclosed in U.S. Pat. No. 7,165,050, however, it is only statistically expected that the combination of encrypted pieces is unique for each of the nodes. To make sure that the combination of encrypted pieces is unique for each of the nodes, it is possible to use, for example, one of the following two methods: One is to apply an inventive approach to the method used for distributing the encrypted pieces. The other is to configure a key server that stores therein the decryption keys used for decrypting the encrypted pieces so that the key server applies a limitation to the distribution of the decryption keys. For example, there is a system in which, to decrypt a distributed piece group, a node informs a key server of the combination of encrypted pieces and obtains the decryption keys. In such a system, to prevent replay attacks that are realized by re-distribution of decryption keys, a method may be used by which the key server rejects any combination of encryption pieces that overlaps many of the decryption keys that have already been obtained. However, when any of these methods is used, there is a possibility that the distribution efficiency of the encrypted pieces may be significantly lowered from time to time and that the advantages of the P2P network may not be fully utilized. In addition, when the former of the two methods described above is used, there is a possibility that independence between the data protection and the data distribution method may be lost and that this loss of independence may impose a significant restriction on system construction.